• Information Systems Security Analyst, Sr.

    Location US-VA-Dulles
    Posted Date 1 month ago(11/11/2018 4:40 PM)
    Job ID
    S-36
    # Positions
    1
    Experience (Years)
    6
    Category
    Cyber Security
  • Overview

    WOOD is currently hiring a Sr. Information System Security Analyst to join our team in Dulles, VA. The Principal Information System Security Analyst applies current technologies to the design, development, evaluation and integration of computer information systems and networks to maintain system security. May work with commercial computer product vendors in the design and evaluation of state-of-the-art secure COTS applications, operating systems, networks and database products and technology.

    Responsibilities

    • Perform Information Systems Security Engineering functions
    • Perform technical security assessment to identify points of vulnerability, non-compliance with information assurance (IA) standards and recommend mitigation strategies
    • Validate and verify system security requirements definitions and analysis and establish security designs
    • Design, develop, implement and/or integrate IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves  and with differing data protection/;classification requirements
    • Assess and mitigate  system security threats/risks throughout the program life cycle
    • Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations
    • Develop analysis and review certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content
    • Apply system security engineering expertise to one or more of the following: system security design process, engineering life cycle, information domain, cross domain solutions, commercial off-the-shelf and government off-the-shelf cryptography, identification, authentication; and authorization, system integration, risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, certification and accreditation process, principles of IA (confidentiality, integrity, non-repudiation, availability, and access control), and security testing
    • Recommend hardware, software, and develop policies and procedures to investigate malware incidents for multiple networks
    • Develop analysis and make recommendations for hardware and software that will mitigate malware intrusions
    • Develop, implement and maintain the information system security posture across multiple networks
    • Perform analysis on large data sets
    • Provide security services for certification and accreditation (C&A) requirements, including developing and maintaining information assurance documentation for all network components
    • Support continuous monitoring and FISMA compliance
    • Conduct bi-monthly vulnerability scans and reconcile results, and report all findings

    Qualifications

    US Citizenship and an Active Top Secret/Sensitive Clearance TS/SCI Required

    • Eight (8) or more years of systems development experience required
    • Bachelor’s degree in Information Security, Cyber Engineering or a related discipline is required
    • A Master's degree in a related discipline may substitute for two (2) years of experience
      • A PhD may substitute for four (4) years of experience
    • Experience and/or familiarity with Certification and Accreditation (C&A)
    • Experience and/or familiarity with the following network protection devices: Firewalls, intrusion detection and prevention systems (IDS/IPS), log analysis, malware analysis, network traffic flow and packet analysis
    • Experience and/or familiarity with Secure Technical Implementation Guides (STIGs), Information Assurance Vulnerability Alert (IAVA), DCID 6/3, Federal Information Security Management Act (FISMA) and other tools using industry best practices
    • Experience with one or more of the following Netezza, Mantra Centrifuge, Aginity Workbech, LYNXeon Cyber Solutions, VIAssist, IN-SPIRE, CyberSource, IClass, SPSS, Max Mind, Quova, etc.
    • Experience with Earned Value Management Systems (EVMS), compliant with ANSI/EIA Standard 748-B required
    • Establish common processes across tasks, including configuration management (CM), risk management, quality assurance (QA), etc.
    • Experience with ArcSight desired
    • SourceFire experience required

    Certifications:

    • 8570.1-M Compliance at IAT Level I or equivalency (e.g., Certified Information Systems Security Professional (CISSP)) certification required
    • Cisco Certified Network Professional (CCNP), Cisco Certified Security Professional (CCSP) or similar certification required
    • Information Systems Security Engineering Professional (ISSEP) or Information System Security Architect Professional (ISSAP) certification preferred
    • SourceFire Certified Professional (SFCP) certification desired

     

    WOOD Consulting Services is headquartered in Fulton, Maryland with an office in Washington, DC. WOOD embraces a simple philosophy… take care of our people and they will take care of our customers. We seek to hire and retain high caliber-talent to meet the needs of our customers with excellent services. For over 20 years, WOOD has followed that philosophy and built a reputation as reliable mission-enablers helping U.S. agencies achieve mission success.

     

    WOOD is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed